Breaking News: WordPress Brute Force Attack Campaign Started Today

Make sure you have backed up your WordPress site. A massive Brute Force Attack is underway.

A massive distributed brute force attack campaign targeting WordPress sites started this morning at 3am Universal Time, 7pm Pacific Time. The attack is broad in that it uses a large number of attacking IPs, and is also deep in that each IP is generating a huge number of attacks. This is the most aggressive campaign we have seen to date, peaking at over 14 million attacks per hour.

The attack campaign was so severe that we had to scale up our logging infrastructure to cope with the volume when it kicked off, which makes it clear that this is the highest volume attack that we have seen in Wordfence history, since 2012.

If you have not already done so, install Wordfence immediately on your site. Even the free version of Wordfence provides excellent brute force protection by limiting login attempts and hiding usernames while employing a variety of other mechanisms to ward off attackers.

The Premium version of Wordfence uses a real-time IP blacklist to completely block attackers. Our real-time blacklist was automatically updated as this attack started early this morning to immediately block IPs engaging in the attack. As you can see from the chart above, we are already monitoring over 10,000 unique IPs and actively blocking them.

We strongly recommend that you upgrade to Wordfence Premium to benefit from the real-time blacklist feature which blocks any traffic from these malicious IPs.

Spread the Word

This is the highest volume brute force attack we have seen to date. It may also be using the fresh credentials that were provided in the database released on December 5th, so it may achieve a higher than normal success rate. Please spread the word among the WordPress community to create awareness of this new threat. You can suggest the following actions to your fellow WordPress site owners:

  1. Install a firewall like Wordfence that intelligently blocks brute force attacks.
  2. Ensure that you have strong passwords on all user accounts, especially admin. Wordfence Premium provides password auditing capability.
  3. Change your admin username from the default ‘admin’ to something harder to guess.
  4. Delete any unused accounts, especially admin accounts that you don’t use. This reduces your attack surface.
  5. Enable two-factor authentication on all admin accounts. Wordfence Premium provides two-factor.
  6. Enable an IP blacklist to block IPs that are engaged in this attack. Wordfence Premium provides a real-time IP blacklist.
  7. Monitor login attempts by configuring alerts when an admin signs into your website. Wordfence (free version) provides this.
  8. Do not reuse a password on multiple services. That way if you have a password from a data breach in this new database, it won’t be the same as your WordPress admin password. You can use a password manager like 1password to manage many passwords across services.

Have a great night and stay safe…

Gun Control Doesn’t Matter

Gun control doesn't work

Every so often we have a mass shooting in the United States ad within minutes the usual suspects are breaking their necks to call for more gun control. It never fails. The left never lets an opportunity go to waste. The Texas church shooting was no different.

Leading the calls for more gun control is the left leaning major media. Of course CNN leads the way when jumping on a mass shooting, you’ll find Don Lemon and his minions reporting misleading information in order to get its audience up in a frenzy on gun control.

The media spent all day after the attack rhetorically asking whether now was the time for more gun control.  CNN’s Jim Acosta repeatedly asked if President Trump is, “Content . . . with these mass shootings exploding every month or so.”

If the media waited even a few hours, they would have learned that their calls for regulations — primarily for “universal” background checks — wouldn’t have stopped this attack. Indeed, their proposals wouldn’t have stopped any of the other mass public shootings in the last couple decades.  Kelley bought a gun at a gun store, and he passed the background check that the store conducted on him. Lying on the form doesn’t help you evade the computer background check.

Of course you’ll also find the democrats jumping all over the opportunity. Democratic Senators such as Dick Durbin (Ill.), Richard Blumenthal (Conn.), Bob Casey (Pa.), Dianne Feinstein (Calif.), and Kamala Harris (Calif.) all immediately made statements that were various versions of, “Congress must act.”

One has to look in only one place to see that more gun control isn’t the answer, Chicago. Chicago has some of the most strict gun laws in America, yet they lead all of the country in gun related murders. Why doesn’t Obama care about Chicago?

CNN calls Texas gun laws relaxed. Relaxed? I own 8 firearms. I had to go through 8 federal background checks before I was allowed to purchase each firearm. Nothing relaxed about that. What is needed in Texas is free and open carry. Thank God for the citizen who confronted the mass murderer and ultimately ended the shooting. If some of those church goers had a firearm on them at the time, less lives would have been lost.

Gun control is not about stopping the mass shootings. It’s about disarming its citizens. A disarmed citizen is much easier to control. The 2nd Amendment is a fundamental right of every citizen to bear arms. We should not let the government or a bunch of snowflakes disarm us. They will nit pick our gun rights apart, piece by piece. First it’ll be bump stocks, then it will be magazine capacities, then it’ll be AR-15’s and so on. Don’t give them anything. This is worth fighting for.

This is a fight we should be willing to go to war over.



The Wonderful World of PayPal

If you want more information on the Kore4 t-shirt I am wearing and how great the program is for advertising, head on over to Kore4.

As far as PayPal is concerned, it’s basically the only game in town for receiving money and paying out commissions. I am looking into others, but people trust PayPal, so until they lose the trust of more people, then that is what we are going to have to use.

Luckily, we got everything resolved. We are in their good graces again. You really have to be careful what you put on your site. Read the terms. To do that just click Legal at the bottom of all their pages and you can select what you want to read up on.

In my case, I had an old site that I basically had written off and forgotten about that had pay per click on the site. Evidently PayPal doesn’t want to be associated with pay per click. So they limited my account.

I did want PayPal asked of me and the limitations were removed. Was I worried? Heck yeah, you never know what they may do once they limit or suspend your account. It’s nerve racking. Your best bet is to make sure your site complies with the vague terms of service and usage.